summaryrefslogtreecommitdiff
path: root/source4/auth/auth_winbind.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/auth/auth_winbind.c')
-rw-r--r--source4/auth/auth_winbind.c26
1 files changed, 17 insertions, 9 deletions
diff --git a/source4/auth/auth_winbind.c b/source4/auth/auth_winbind.c
index 8a6a5a720b..878e706b9b 100644
--- a/source4/auth/auth_winbind.c
+++ b/source4/auth/auth_winbind.c
@@ -59,27 +59,35 @@ static NTSTATUS winbind_check_password(struct auth_method_context *ctx,
struct netr_SamInfo3 info3;
/* Send off request */
+ const struct auth_usersupplied_info *user_info_temp;
+ nt_status = encrypt_user_info(mem_ctx, ctx->auth_ctx,
+ AUTH_PASSWORD_RESPONSE,
+ user_info, &user_info_temp);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
+ }
+ user_info = user_info_temp;
ZERO_STRUCT(request);
ZERO_STRUCT(response);
request.flags = WBFLAG_PAM_INFO3_NDR;
fstrcpy(request.data.auth_crap.user,
- user_info->account_name);
+ user_info->client.account_name);
fstrcpy(request.data.auth_crap.domain,
- user_info->domain_name);
+ user_info->client.domain_name);
fstrcpy(request.data.auth_crap.workstation,
user_info->workstation_name);
memcpy(request.data.auth_crap.chal, ctx->auth_ctx->challenge.data.data, sizeof(request.data.auth_crap.chal));
- request.data.auth_crap.lm_resp_len = MIN(user_info->lm_resp.length,
+ request.data.auth_crap.lm_resp_len = MIN(user_info->password.response.lanman.length,
sizeof(request.data.auth_crap.lm_resp));
- request.data.auth_crap.nt_resp_len = MIN(user_info->nt_resp.length,
+ request.data.auth_crap.nt_resp_len = MIN(user_info->password.response.nt.length,
sizeof(request.data.auth_crap.nt_resp));
- memcpy(request.data.auth_crap.lm_resp, user_info->lm_resp.data,
+ memcpy(request.data.auth_crap.lm_resp, user_info->password.response.lanman.data,
request.data.auth_crap.lm_resp_len);
- memcpy(request.data.auth_crap.nt_resp, user_info->nt_resp.data,
+ memcpy(request.data.auth_crap.nt_resp, user_info->password.response.nt.data,
request.data.auth_crap.nt_resp_len);
result = winbindd_request(WINBINDD_PAM_AUTH_CRAP, &request, &response);
@@ -96,19 +104,19 @@ static NTSTATUS winbind_check_password(struct auth_method_context *ctx,
validation.sam3 = &info3;
nt_status = make_server_info_netlogon_validation(mem_ctx,
- user_info->account_name,
+ user_info->client.account_name,
3, &validation,
server_info);
return nt_status;
} else if (result == NSS_STATUS_SUCCESS && !response.extra_data) {
DEBUG(0, ("Winbindd authenticated the user [%s]\\[%s], "
"but did not include the required info3 reply!\n",
- user_info->domain_name, user_info->account_name));
+ user_info->client.domain_name, user_info->client.account_name));
return NT_STATUS_INSUFFICIENT_LOGON_INFO;
} else if (NT_STATUS_IS_OK(nt_status)) {
DEBUG(1, ("Winbindd authentication for [%s]\\[%s] failed, "
"but no error code is available!\n",
- user_info->domain_name, user_info->account_name));
+ user_info->client.domain_name, user_info->client.account_name));
return NT_STATUS_NO_LOGON_SERVERS;
}